Filter
Top Products
AT-S63 Management Software Features Guide
Section IX: Management Security 427
Guidelines
Here are the main steps to using the TACACS+ or RADIUS client on the
switch.
1. Install a TACACS+ or RADIUS server on one or more of your network
servers or management stations. Authentication protocol server
software is not available from Allied Telesis.
2. Configure the TACACS+ or RADIUS authentication server.
Here are the guidelines to follow when configuring the server for new
manager accounts:
– To create a new manager account, enter the username and
password combination that the network manager will use to log
onto the switch when managing the device. The maximum length
for a username is 38 alphanumeric characters and spaces, and the
maximum length for a password is 16 alphanumeric characters and
spaces.
– You must assign each account an authorization level. This differs
depending on the server software. TACACS+ controls this through
the sixteen (0 to 15) different levels of the Privilege attribute. A
privilege level of “0” gives the combination Operator status. Any
value from 1 to 15 gives the combination Manager status.
For RADIUS, management level is controlled by the Service Type
attribute. This attribute has 11 different values; only two apply to
the AT-S63 Management Software. A value of Administrative for
this attribute gives the username and password combination
Manager access. A value of NAS Prompt assigns the combination
Operator status.
Note
This manual does not explain how to configure a TACACS+ or
RADIUS server. For instructions, refer to the documentation
included with the server software.
Here are the guidelines to follow when configuring the server for
supplicant accounts for 802.1x port-based access control:
– 802.1x is only supported with a RADIUS server.
– To create an account for a supplicant connected to an
authenticator port set to the 802.1x authentication mode, enter a
username and password combination. The maximum length for a
username is 38 alphanumeric characters and spaces, and the